Time Stamp Signer

The signer has the class name: org.signserver.server.signers.TimeStampSigner.

Overview

The time stamp server generates time stamp tokens and supports the following options:

Set of accepted policies
Set of accepted algorithms
Set of accepted extensions
Accuracy microseconds
Accuracy milliseconds
Accuracy seconds
Included certificate chain (currently doesn't include CRLs)
Ordering
TSA name

Time-stamp requests are served through a HTTP(S) service at the URL:

http://<host name>/signserver/process?workerId=<worker Id>

The time-stamp signer requires a time-stamp certificate with the extended key usage time-stamp only. The extended key usage extension must be critical.

If the time-stamp request contains a nonce value, this value is also included in the time-stamp token.

Available Properties

The following properties can be configured with the signer:

Required Property

Default

Description

DEFAULTTSAPOLICYOID

TSA policy ID

The default policy ID of the time stamp authority. If no policy OID is specified in the request, this value is used.

Property

Default

Description

ACCEPTEDALGORITHMS

None

(Optional, Strongly Recommended) A ';' separated string containing accepted algorithms. Can be null if it should not be used.

Supported algorithms are: GOST3411, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, RIPEMD128, RIPEMD160, and RIPEMD256.

ACCEPTANYPOLICY

None

If set to true, allow any policy. If set to true, ACCEPTEDPOLICIES cannot be set. Optionally, this can be set to false or left empty when setting ACCEPTEDPOLICIES.

ACCEPTEDEXTENSIONS

None

(Optional) A ';' separated string containing accepted extensions. Can be null if it should not be used.

ACCEPTEDPOLICIES

None

(Optional, Recommended) A ';' separated string containing accepted policies.

Only policies listed in this property are allowed to be requested. If the property does not contain any policies, then no policy can be requested. Requests not including any policy use the default policy regardless of this property, but requests explicitly requesting the default policy are still not allowed unless listed in this property. If this property is used, ACCEPTANYPOLICY cannot be set to true.

CERTIFICATE_DIGEST_ALGORITHM

SHA256

Specifies the digest algorithm used for calculating the digest of the signing certificate. Supported values are: SHA1, SHA224, SHA256, SHA384, and SHA512.
When using an algorithm other than SHA1, RFC 5816-compliant time stamps are issued. To get the old behavior (with the ESSCertID attribute instead of ESSCertIDv2), SHA1 must be set explicitly.

ACCURACYMICROS

None

(Optional) Accuracy in microseconds as an integer. Can be combined additively with ACCURACYMILLIS and ACCURACYSECONDS.

ACCURACYMILLIS

None

(Optional) Accuracy in milliseconds as an integer. Can be combined additively with ACCURACYMICROS and ACCURACYSECONDS.

ACCURACYSECONDS

None

(Optional) Accuracy in seconds as an integer. Can be combined additively with ACCURACYMICROS and ACCURACYMILLIS.

INCLUDE_CERTID_ISSUERSERIAL

True

Specifies if the signingCertificate (or signingCertificateV2) attribute's ESSCertID should include the issuer and serial number in addition to the certificate hash.

INCLUDECMSALGORITHMPROTECTATTRIBUTE

True

(Optional) Specifies if the cmsAlgorithmProtect (RFC#6211) signed attribute should be included in the response.

INCLUDEORDERING

False

(Optional) If set to true, always include the ordering attribute, even when ORDERING is set to false. It is not allowed to set this to false when ORDERING is set to true.

INCLUDESIGNINGTIMEATTRIBUTE

True

(Optional) Specifies if the signingTime signed CMS attribute should be included in the response.

INCLUDESTATUSSTRING

False

(Optional) Specifies if the status string is to be included in the response.

Setting this to true triggers a bug in some versions of OpenJDK's jarsigner utility.

LEGACYENCODING

False

(Optional) As of SignServer 4.0, the encoding of the time-stamp tokens has changed. One consequence is that the order of the certificates in the output might not be the same as in the certificate chain due to the DER encoding and the fact that the certificates field is a set and thus not ordered. To restore the old behavior, set LEGACYENCODING=true.

MAXSERIALNUMBERLENGTH

8

The maximum size (in bytes) used when generating serial numbers, must be between 8 and 20 (64 - 160 bits). The generated serial number is always positive, so the sign bit is always a zero.

ORDERING

False

(Optional)

Only false is supported.

REQUIREVALIDCHAIN

False

Set to true to perform an extra check that the SIGNERCERTCHAIN only contains certificates in the chain of the signer certificate.

SIGNATUREALGORITHM

SHA256withRSA

Property specifying the algorithm used to sign the timestamp.

TIMESOURCE

None

(Optional) Property containing the fully qualified name of the class implementing the ITimeSource that should be used. The following built-in TimeSourceS are available:

Built-in TimeSource

Description

org.signserver.server.LocalComputerTimeSource

This is the default TimeSource. Uses the time from the local computer and always returns the time.

org.signserver.server.StatusReadingLocalComputerTimeSource

This TimeSource returns the time from the local computer but only if the status property TIMESOURCE0_INSYNC is not expired and returned as true from the Status Repository.

Default: NONE.

For worker properties, see StatusReadingLocalComputerTimeSource Worker Properties.

TSA

None

(Optional) Specifies the general name of the Time Stamp Authority.

TSA_FROM_CERT

Not set

(Optional) Setting this property to true sets the general name of the Time Stamp Authority to the subject DN of the signing certificate.

TSA_FROM_CERT cannot be set to true if the TSA property is set.

TSA_URL

None

(Optional) Specifies the URL of external (Authenticode or RFC#3161) time-stamp authority.

TSA_URL cannot be combined with TSA_WORKER.

TSA_WORKER

None

(Optional) Specifies the Worker ID or name of internal (Authenticode or RFC#3161) time-stamp signer in the same SignServer.

TSA_WORKER cannot be combined with TSA_URL.

VERIFY_TOKEN_SIGNATURE

True

Specifies if the timestamp token signature is to be validated after signing. Signing fails if validation is not successful.

WORKERLOGGER

DefaultTimeStampLogger

As for other workers, this property can be used to specify which worker logger to use. By default, the DefaultTimeStampLogger is used.

Certificate Requirements

Specifying a signer certificate is required since information from that certificate is used to indicate which signer signed the time-stamp token.
The signer certificate chain contains all certificates included in the token if the client requests the certificates.
The signer certificate MUST be included in the configured certificate chain. Other certificates might also be included in the chain (typically intermediate CA certificates). However, if REQUIREVALIDCHAIN=true is specified, only the signer certificate, directly followed by its issuer and then the issuer's issuer and so on, is allowed. All certificates are verified if there is a certificate coming after it. No check is made that the last certificate is a root certificate since that certificate is usually not included.
A time-stamp signer certificate must have the extended key usage extension present and marked as critical.
The extended key usage extension must contain the timeStamping key purpose ID and only that one.

StatusReadingLocalComputerTimeSource Worker Properties

This TimeSource, org.signserver.server.StatusReadingLocalComputerTimeSource, returns the time from the local computer but only if the status property TIMESOURCE0_INSYNC is not expired and returned as true from the Status Repository.

LEAPSECOND_HANDLING properties:

NONE: Default. Leap seconds are not considered and time-stamp tokens are issued as usual.
PAUSE: The TimeSource queries the status property LEAPSECOND from the Status Repository. If this property is not expired, has the value POSITIVE or NEGATIVE, and the current time is in the interval surrounding a potential leap second (23:59:58,989 - 00:00:01,010) (at month shifts, in UTC time), the TimeSource will make a pause to ensure the time value is not fetch on the leap second. The value NONE is interpreted as there is no leap second, and the time value is returned immediately as usual. If the value has expired, no valid time is returned.
STOP: The TimeSource queries the status property in the same way as for the PAUSE strategy. During the interval surrounding a potential leap second, no time is returned. This causes the response to the clients to be timeSourceNotAvailable. If the LEAPSECOND status property value has expired, no valid time is returned.

This time source adds an additional worker status item indicating the currently used leap second strategy. The following additional log fields are included for a logger implementation to use:

Log Field

Description

LEAP_UPCOMING

This field has following value options:

True: If a leap second is known to be coming soon.
False: If there is no leap second known to be coming.
Unknown: If it was unable to read the status.

LEAP_PERIOD

This field will be included when LEAP_UPCOMING is true. It has the value true or false depending on whether the request was made during the time interval surrounding a leap second.

LEAP_ACTION

This field includes the value of the currently used leap second strategy.

Time Stamp Signing with MS SignTool

By default, MS SignTool expects a MS Authenticode Time Stamp Signer.

In SignServer, set the TSA to use RFC#3161. In SignTool, use the /tr flag to specifiy the URL of the time stamp server.

For more information, see the MS SignTool documentation.

MS Authenticode Time Stamp Signer

This legacy time stamp signer is compatible with the Microsoft Authenticode Time Stamping code signing. See MS Authenticode Time Stamp Signer for more information.

In SignTool, use the /t flag to specifiy the URL of the time stamp server.

Though you can set the TSA as Authenticode, this is the legacy format and not preferable. Instead, use RFC#3161.